Best Practices For SynaMan

SynaMan allows companies to securely share files with business colleagues while keeping 100% privacy. This page lists a few best practices that are recommended when you use SynaMan.

Harden Administrative Access

Administrators are treated as super users in SynaMan, and anyone with access to the admin account will essentially have access to the entire machine. Consider the following tips to harden administrative access.

Click Configuration and then select the Security tab to access all of the following settings:

  • Modify the value for Admin User, which serves as the login ID for the admin account.
  • Restrict admin access to localhost, which will prevent anyone from connecting through the web interface unless they are logged into the machine.
  • Configure SynaMan to send an email alert when someone uses a new machine to log in as admin.
  • Consider changing the password for the admin account frequently.
  • Never log in as admin from the Internet without using SSL/TLS.

Change the Log On Credentials for Windows Service

By default, SynaMan's service runs under the Local System account. This is done to facilitate creation of virtual folders pointing to any physical folder on the machine. Consider creating another account on Windows with access limited to the folders on the machine that are shared. Then, use that account to run SynaMan's service on Windows.

Using a dedicated and more controlled user account to run SynaMan's service adds another layer of security. It prevents even the admin user from viewing or modifying files through SynaMan on the local machine.
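One way to prepare such an account and confirm the result from an elevated PowerShell prompt. This is an added example, not SynaMan's own tooling; the service name, account name and folder path are placeholders to replace with values from your installation.

```powershell
#Requires -RunAsAdministrator
# Added example, not vendor code. The three values below are placeholders.
$ServiceName   = 'SERVICE-NAME-PLACEHOLDER'  # SynaMan service name as shown in services.msc
$AccountName   = 'svc-synaman'               # hypothetical account name
$SharedFolders = @('D:\Shares\Public')       # hypothetical folders published as virtual folders

# 1. Create a standard local user. It is deliberately not added to Administrators.
if (-not (Get-LocalUser -Name $AccountName -ErrorAction SilentlyContinue)) {
    $password = Read-Host -AsSecureString "Password for $AccountName"
    New-LocalUser -Name $AccountName -Password $password -PasswordNeverExpires `
        -UserMayNotChangePassword -Description 'Runs the SynaMan service' | Out-Null
}

# 2. Grant Modify, inherited by subfolders and files, on the shared folders only.
#    Assumption: the account also needs access to SynaMan's own installation folder.
foreach ($folder in $SharedFolders) {
    if (-not (Test-Path -LiteralPath $folder)) { throw "Missing folder: $folder" }
    icacls $folder /grant "${AccountName}:(OI)(CI)M" | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls failed for $folder" }
}

# 3. Enter the account on the service's Log On tab in services.msc (this also
#    grants it the "Log on as a service" right), restart the service, then
#    run the checks below again to confirm the change took effect.
$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { throw "Service '$ServiceName' not found" }

# S-1-5-32-544 is the built-in Administrators group on any Windows language.
$admins  = (Get-LocalGroupMember -SID 'S-1-5-32-544').Name
$isAdmin = $admins -contains "$env:COMPUTERNAME\$AccountName"

[pscustomobject]@{
    Service          = $svc.Name
    RunsAs           = $svc.StartName                    # expect .\svc-synaman
    StillLocalSystem = $svc.StartName -eq 'LocalSystem'  # expect False
    AccountIsAdmin   = $isAdmin                          # expect False
}
```

After the change, virtual folders that point outside the granted paths will stop working, which is the intended effect.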

Enable SSL

The most important feature when pursuing a secure environment is using HTTPS. SynaMan not only supports SSL, but also offers several options for using SSL certificates. For example, you can:
  • Use a self-signed certificate, which does not require any configuration but is not recommended.
  • Use a free certificate from Let's Encrypt.
  • Export an existing certificate from either an IIS or Apache server.
  • Create a brand new certificate and have a CA sign it.

Enable Two-Factor Authentication

Hackers are always looking to crack passwords and gain access to otherwise protected data. Two-factor authentication (2FA) offers additional security besides a user id/password and keeps unauthorized users away.

Encourage your users to use 2FA. Administrators could also make using this feature mandatory. Click here for details.

Enforce Password Policy

Humans hate passwords and as a result, we tend to create passwords that are identical across different services and easier to remember. On the flip side, such practices result in security holes in your infrastructure.

Therefore, it is always good to encourage your users to create complex passwords. As an administrator, you could require users to use complex passwords. Click here for details.

Audit and Access Logs

As an administrator, you should frequently look at the Audit and Access logs in SynaMan.
